docker.io/penpotapp/backend:2.16 linux/amd64

docker.io/penpotapp/backend:2.16 - Trivy安全扫描结果 扫描时间: 2026-06-24 10:03
全部漏洞信息
低危漏洞:0 中危漏洞:6 高危漏洞:6 严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-06-24 10:03

docker.io/penpotapp/backend:2.16 (ubuntu 24.04) (ubuntu)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Java (jar)
低危漏洞:0 中危漏洞:1 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
io.netty:netty-handler CVE-2026-44249 高危 4.2.13.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler CVE-2026-45416 高危 4.2.13.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler CVE-2026-50010 高危 4.2.13.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-resolver-dns CVE-2026-45674 高危 4.2.13.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-resolver-dns CVE-2026-47691 高危 4.2.13.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-resolver-dns CVE-2026-45673 中危 4.2.13.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:4939b2a38b3f2ba6c80ff37cba5b56720806b0b428551dcba069d57c3ee6c330

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
Node.js (node-pkg)
低危漏洞:0 中危漏洞:5 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
brace-expansion CVE-2026-45149 中危 5.0.4 5.0.6 brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45149

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:51
ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-05-12 20:16 修改: 2026-06-17 10:47
brace-expansion CVE-2026-33750 中危 5.0.4 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38
picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
tar CVE-2026-53655 中危 7.5.11 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:ee88d3f638de6a97f3395ca3356cf8dd43c819f3a5e4a49dd43b9c155a0ec6a4

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
Python (python-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×